1. Field
This disclosure is generally related to the secure and efficient distribution of digital content. More specifically, this disclosure is related to creating secure content catalogs of aggregate content objects to efficiently sign and verify content.
2. Related Art
The proliferation of mobile computing and cellular networks is making digital content more mobile than ever, including content such as song, videos, and movies. Content-centric network (CCN) architectures such as Named Data Networking (NDN) have been designed to facilitate accessing such digital content. A fundamental feature of NDN is to name content, instead of communication end points. Each piece of content is individually named and each piece of data is bound to a unique name that distinguishes the data from any other piece of data. In an NDN, each piece of content is cryptographically signed by its producer or publisher. A requesting consumer verifies the content signature of received content to ensure integrity, origin authentication, and correctness.
In-network content caching by routers is another key feature of NDN. While an NDN router may verify content by verifying the signature, NDN does not require that a router verify all received content. The computational overhead required for a router to perform a cryptographic verification on every packet that it receives is not feasible. Furthermore, a router may not be aware of the specific trust model for each content-producing application, which would require obtaining multiple key certificates or similar structures to establish trust with a public key that verifies a content signature. For these reasons, an NDN router is not required to verify a content signature. However, this leaves the system vulnerable to “poisonous” content if a router does not verify received content before forwarding it on. Furthermore, the need for a content publisher to produce a signature for all content that it publishes carries a high computational cost.
Thus, the computational complexity of both requiring a router to verify the signature on all content that it receives and requiring the publisher to produce a signature on all content that it publishes is at odds with the security need to prevent poisonous content from being disseminated in the network.